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Appl. No. 09/735,087 

Amdt. dated AprH 22, 2005 

Reply to Office action of January 26, 2005 

Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in 
the application: 

Listing of Claims: 

1. (Currently amended) A cryptographic system in a computer system, 
comprising: 

a database, the database configured to contain sensitive information; 

at l e ast on e a t<9v repository proces s operating in the computer system : 

two or more master keys of which at least one master key Is a most-secure 
master key and requiring a multi-part construction to be exposed , the multi-part 
construction reaulrina information from at least two most-secure key owners for 
the most-secure key to be exposed, the most-secure master key orovidino 
protection to the sensitive information , relative to the at least one most-secure 
master key each of the remaining one or more master keys is a less-secure 
master key and requiring construction from fewer parts to be exposed, the at least 
one most-secure master key can be used for detecting tampering of any less- 
secure master key; and 

means for cryptographically linking one or more of the at least one most- 
secure master key with one or more less-secure master keys such that any 
tampering of the one or more less-secure master keys can be detected. 

2. (Previously presented) A cryptographic system as in claim 1 , wherein the 
cryptographic linking is perfomned by creating a message digest of the one or 
more most-secure master keys concatenated with the one or more less-secure 
master keys, and saving the result in the database. 

3. (Currently amended) A cryptographic system as in claim 1, wherein the 
cryptographic linking is performed by creating a message digest of the one or 
more most-secure master keys concatenated with a random value and further 
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concatenated with the one or more less-secure master keys, and saving the 
result in a-the database. 



4. (Original) A cryptographic system as in claim 3, wherein the random value 
is a Salt. 

5. (Original) A cryptographic system as in claim 1, wherein for each of the 
one or more most-secure master keys the cryptographic linking is performed by 
using that most-secure master key as a symmetric encryption key, to compute a 
symmetric message authenticatfon code, and retaining some or all of the result. 

6. (Original) A cryptographic system as in daim 1, wherein for each of the 
one or more most-secure master keys the cryptographic linking is performed to 
produce an 8-byte result by using that most-secure master key as a symmetric 
encryption key, to compute a symmetric message authentication code, and 
retaining a 4-byte portion of the result 

7. (Original) A cryptographic system as in daim 6, wherein the symmetric 
message authentication code is computed using cipher-block chaining (CBC) 
method of any symmetric encryption algorithm. 

8. (Original) A cryptographic system as in daim 7, wherein the CBC is 
perfomied using a random number as an initialization vector, and wherein the 
Initialization vector is saved along with the result. 

9. (Original) A cryptographic system as in claim 1, wherein the two or more 
master keys are kept in non-swappable physical memory. 

10. (Original) A cryptographic system as in claim 9, wherein the non- 
swappable physical memory is protected. 
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11. (Original) A cryptographic system as in claim 1, wherein the two or more 
master keys are kept in virtual memory. 

12. (Original) A cryptographic system as in claim 1. wherein, respectively, the 
at least one most-secure master key and the one or more less-secure master 
keys, include a protection key and an integrity key. the protection key protecting 
access to sensitive information and the integrity key ensuring the integrity of the 
sensitive information. 

13. (Cancelled). 

14. (Original) A cryptographic system as in claim 1, wherein the sensitive 
information can be a public key. 

15. (Original) A cryptographic system as in daim 1, wherein the means for 
cryptographically linking is a key repository process for enforcing enterprise 
policies and policy decisions. 

16. (Currently amended) A method for linking multiple cryptographic keys, 
comprising: 

providing a computer system; 

instantiating at least one process on the computer system; 

provkJing two or more master keys of which at least one master key is a 
most-secure master key and requiring a multi-part construction to bo exposed, 
the multi-part constmction requiring Information from at least two most-secure kev 
owners for the most-secure key to be exposed, relative to the at least one most- 
secure master key each of the remaining one or more master keys is a less- 
secure master key and requiring construction from fewer parts to be exposed, the 
at least one most-secure master key can be used for detecting tampering of any 
less-secure master key; and 
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instantiating a key repository process that validates and records 
authorizations to access the two or more master keys, the key repository process 
cryptographically linking one or more of the at least one most-secure master key 
with one or more less-secure master keys such that any tampering of the one or 
more less-secure master keys can be detected. 

17. (Original) A method as in claim 16, wherein the cryptographic linking is 
performed by creating a message digest of the one or more most-secure master 
keys concatenated with the one or more less-secure master keys, and saving the 
result in a database. 

18. (Original) A method as in claim 16, wherein the cryptographic linking is 
perfomied by creating a message digest of the one or more most-secure master 
keys concatenated with a random value and further concatenated with the one or 
more less-secure master keys, and saving the result in a database. 

19. (Original) A method as in claim 16, wherein the random value is a Salt. 

20. (Original) A method as in claim 16, wherein for each of the one or more 
most-secune master keys the cryptographic linking Is performed by using that 
most-secure master key as a symmetric encryption key, to compute a symmetric 
message authentication code, and retaining some or all of the result. 

21. (Original) A method as in claim 16, wherein for each of the one or more 
most-secure master keys the cryptographic linking Is performed to produce an 8- 
byte result by using that most-secure master key as a symmetric encryption key, 
to compute a symmetric message authentication code, and retaining a 4-byte 
portion of the result. 
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22. (Original) A metiiod as in ciaim 16, wherein the symmetric message 
authentication code is computed using cipher-block chaining (CBC) method of 
any symmetric encryption algorithm. 

23. (Original) A method as in claim 16, wherein the CBC is performed using a 
random number as an Initiaiizatlon vector, and wherein the initialization vector Is 
saved along with the result 

24. (Original) A method as in claim 16, wherein the two or more master keys 
are kept in non-swappable physical memory. 

25. (Original) A method as in claim 23, wherein the non-swappable physical 
memory is protected. 

26. (Original) A method as in daim 16, wherein the two or more master keys 
are kept in virtual memory. 

27. (Original) A method as in claim 16, wherein^ respectively, the at least one 
most-secure master key and the one or more less-secure master keys, include a 
protection key and an integrity key, the protection key protecting access to 
sensitive information and the integrity key ensuring the integrity of the sensitive 
information, 

28. (Cancelled). 

29. (Original) A method as in claim 16, wherein the sensitive infonnation can 
be a public key. 
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